Merge pull request #15819 from MikeMcQuaid/bottle_reproducibility_fixes

bottle: reproducibility fixes.

.github/workflows/tests.yml

@@ -428,4 +428,6 @@ jobs:
 
       - run: brew test-bot --only-setup
 
+      - run: brew install gnu-tar
+
       - run: brew test-bot --only-formulae --only-json-tab --test-default-formula

Library/Homebrew/dev-cmd/bottle.rb

@@ -234,14 +234,26 @@ module Homebrew
     [].freeze
   end
 
+  sig { params(gnu_tar_formula: Formula).returns(String) }
+  def self.gnu_tar(gnu_tar_formula)
+    "#{gnu_tar_formula.opt_bin}/tar"
+  end
+
   sig { params(mtime: String).returns(T::Array[String]) }
   def self.reproducible_gnutar_args(mtime)
     # Ensure gnu tar is set up for reproducibility.
     # https://reproducible-builds.org/docs/archives/
     [
-      "--format", "pax", "--owner", "0", "--group", "0", "--sort", "name", "--mtime=#{mtime}",
+      # File modification times
+      "--mtime=#{mtime}",
+      # File ordering
+      "--sort=name",
+      # Users, groups and numeric ids
+      "--owner=0", "--group=0", "--numeric-owner",
+      # PAX headers
+      "--format=pax",
       # Set exthdr names to exclude PID (for GNU tar <1.33). Also don't store atime and ctime.
-      "--pax-option", "globexthdr.name=/GlobalHead.%n,exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime"
+      "--pax-option=globexthdr.name=/GlobalHead.%n,exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime"
     ].freeze
   end
 
@@ -253,14 +265,14 @@ module Homebrew
 
     # Use gnu-tar as it can be set up for reproducibility better than libarchive.
     begin
-      gnu_tar = Formula["gnu-tar"]
+      gnu_tar_formula = Formula["gnu-tar"]
     rescue FormulaUnavailableError
       return default_tar_args
     end
 
-    ensure_formula_installed!(gnu_tar, reason: "bottling")
+    ensure_formula_installed!(gnu_tar_formula, reason: "bottling")
 
-    ["#{gnu_tar.opt_bin}/gtar", reproducible_gnutar_args(mtime)].freeze
+    [gnu_tar(gnu_tar_formula), reproducible_gnutar_args(mtime)].freeze
   end
 
   def self.formula_ignores(formula)

Library/Homebrew/extend/os/dev-cmd/bottle.rb

@@ -1,8 +1,4 @@
 # typed: strict
 # frozen_string_literal: true
 
-if OS.mac?
+require "extend/os/mac/dev-cmd/bottle" if OS.mac?
-  require "extend/os/mac/dev-cmd/bottle"
-elsif OS.linux?
-  require "extend/os/linux/dev-cmd/bottle"
-end

Library/Homebrew/extend/os/linux/dev-cmd/bottle.rb

@@ -1,12 +0,0 @@
-# typed: true
-# frozen_string_literal: true
-
-module Homebrew
-  sig { params(args: T.untyped, mtime: String).returns([String, T::Array[String]]) }
-  def self.setup_tar_and_args!(args, mtime)
-    # Without --only-json-tab bottles are never reproducible
-    return ["tar", tar_args].freeze unless args.only_json_tab?
-
-    ["tar", reproducible_gnutar_args(mtime)].freeze
-  end
-end

Library/Homebrew/extend/os/mac/dev-cmd/bottle.rb

@@ -10,4 +10,9 @@ module Homebrew
       [].freeze
     end
   end
+
+  sig { params(gnu_tar_formula: Formula).returns(String) }
+  def self.gnu_tar(gnu_tar_formula)
+    "#{gnu_tar_formula.opt_bin}/gtar"
+  end
 end